<?php
/*
Bitsand - a web-based booking system for LRP events
Copyright (C) 2006, 2007 Russell Peter Phillips

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/

include ('../inc/inc_head_db.php');
include ('../inc/inc_admin.php');

$db_prefix = DB_PREFIX;
$sGreen = '';
$sWarn = '';

if ($_GET ['action'] == 'delete' && CheckReferrer ('admin/admin_faq.php')) {
	$sql = "DELETE FROM {$db_prefix}faq WHERE faqOrder = " . (int) $_GET ['id'];
	ba_db_query ($link, $sql);
}
elseif ($_GET ['action'] == 'edit' && CheckReferrer ('admin/admin_faq.php')) {
	$sql = "SELECT faqOrder, faqQuestion, faqAnswer FROM {$db_prefix}faq WHERE faqOrder = " . (int) $_GET ['id'];
	$result = ba_db_query ($link, $sql);
	$row = ba_db_fetch_assoc ($result);
	$iOrder = (int) $row ['faqOrder'];
	$sQuestion = $row ['faqQuestion'];
	$sAnswer = $row ['faqAnswer'];
	
	$sql = "DELETE FROM {$db_prefix}faq WHERE faqOrder = " . (int) $_GET ['id'];
	ba_db_query ($link, $sql);
}

if ($_POST ['btnSubmit'] == 'Add' && CheckReferrer ('admin/admin_faq.php')) {
	$sql = "INSERT INTO {$db_prefix}faq (faqOrder, faqQuestion, faqAnswer) VALUES (" .
		(int) $_POST ['txtOrder'] . ", '" . ba_db_real_escape_string ($link, $_POST ['txtQuestion']) . "', '" .
		ba_db_real_escape_string ($link, $_POST ['txtAnswer']) . "')";
	if (ba_db_query ($link, $sql))
		$sGreen = "The FAQ item was added successfully.";
	else {
		$sWarn = "There was an error adding the FAQ item. Check that the Order number is unique.";
		$iOrder = (int) $_POST ['txtOrder'];
		$sQuestion = $_POST ['txtQuestion'];
		$sAnswer = $_POST ['txtAnswer'];
	}
}

include ('../inc/inc_head_html.php');
?>

<h1><?php echo TITLE?> - FAQ Edit</h1>

<?php
if ($sGreen != '')
	echo "<p class = 'green'>$sGreen</p>";
elseif ($sWarn != '')
	echo "<p class = 'warn'>$sWarn</p>";
?>

<table>
<tr><th>Order</th>
<th>Question &amp; Answer</th>
</tr>
<?php
$sql = "SELECT faqOrder, faqQuestion, faqAnswer FROM {$db_prefix}faq ORDER BY faqOrder";
$result = ba_db_query ($link, $sql);
while ($row = ba_db_fetch_assoc ($result)) {
	$faqQuestion = htmlentities ($row ['faqQuestion']);
	$faqAnswer = htmlentities ($row ['faqAnswer']);
	$faqQuestion = str_replace ("EVENT_MAIL", "<a href = 'mailto:" . Obfuscate (EVENT_CONTACT_MAIL) . "'>" . EVENT_CONTACT_NAME . "</a>", $faqQuestion);
	$faqQuestion = str_replace ("TECH_MAIL", "<a href = 'mailto:" . Obfuscate (TECH_CONTACT_MAIL) . "'>" . TECH_CONTACT_NAME . "</a>", $faqQuestion);
	$faqQuestion = str_replace ("PLAYER_ID", player_ID (), $faqQuestion);
	$faqAnswer = str_replace ("EVENT_MAIL", "<a href = 'mailto:" . Obfuscate (EVENT_CONTACT_MAIL) . "'>" . EVENT_CONTACT_NAME . "</a>", $faqAnswer);
	$faqAnswer = str_replace ("TECH_MAIL", "<a href = 'mailto:" . Obfuscate (TECH_CONTACT_MAIL) . "'>" . TECH_CONTACT_NAME . "</a>", $faqAnswer);
	$faqAnswer = str_replace ("PLAYER_ID", player_ID (), $faqAnswer);

	echo "<tr><td>{$row ['faqOrder']}</td>";
	echo "<td><b>" . stripslashes ($faqQuestion) . "</b></td></tr>\n";
	echo "<tr><td><a href = 'admin_faq.php?action=delete&amp;id={$row ['faqOrder']}'>Delete</a>&nbsp;:";
	echo "&nbsp;<a href = 'admin_faq.php?action=edit&amp;id={$row ['faqOrder']}#add'>Edit</a></td>";
	echo "<td>" . stripslashes ($faqAnswer) . "</td></tr>\n";
	echo "<tr><td colspan = '2'><hr></td></tr>\n";
}
?>
</table>

<h2><a name = 'add'>Add/Edit FAQ Item</a></h2>

<p>
<ul>
<li>To add a new item, fill in the details below and click Add.
<li><b>Order</b> must be an integer number, and must be unique.<br>
<li>HTML is not allowed.
<li>To include an e-mail link, enter either EVENT_MAIL or TECH_MAIL (in upper case) and an e-mail link to the relevent contact will be inserted at that point.
<li>To include a logged-on user's player ID, enter PLAYER_ID (in upper case) and it will be inserted at that point (in brackets)
</ul>
<?php
if ($_GET ['action'] == 'edit')
	echo "<br>The entry you chose to edit has been deleted. Edit it below and click Add.\n";
?>
</p>

<form action = 'admin_faq.php' method = 'post'>
<table>
<tr><td>Order:</td>
<td><input name = 'txtOrder' value = "<?php echo $iOrder ?>"></td></tr>
<tr><td>Question:</td>
<td><input name = 'txtQuestion' value = "<?php echo htmlentities ($sQuestion) ?>"></td></tr>
<tr><td>Answer:</td>
<td><textarea rows = "4" cols = "60" name = 'txtAnswer'><?php echo htmlentities ($sAnswer) ?></textarea></td></tr>
<tr><td><input type = 'submit' value = 'Add' name = 'btnSubmit'></td>
<td><input type = 'reset'></td></tr>
</table>
</form>

<?php
include ('../inc/inc_foot.php');
?>
